﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Security.Cryptography;

namespace shopform
{
    public class myAuthenticator
    {
        private static bool logged = false;
        private static String userType = "none";
        private static String userFullName = "Guest";

        /// <summary>
        /// Returns users Full Name.
        /// </summary>
        /// <returns>String</returns>
        public static String getName()
        {
            return myAuthenticator.userFullName;
        }

        /// <summary>
        /// Returns users access level.
        /// </summary>
        /// <returns>String</returns>
        public static String getType()
        {
            return myAuthenticator.userType;
        }

        /// <summary>
        /// Logging of the user setting boolean logged to false.
        /// </summary>
        public static void logoff()
        {
            myAuthenticator.logged = false;
        }

        /// <summary>
        /// Check if user is authenticated.
        /// </summary>
        /// <returns>True if user authenticated succesfully, otherwise false.</returns>
        public static bool isAuth()
        {
            return myAuthenticator.logged;
        }

        public static void checkAuth(String userName,String userPass)
        {
            Int32 l = 0;

            try
            {
                String query;
                query = 
                   "SELECT COUNT(*) " +
                   "FROM AppUsers " +
                   "WHERE AppUserUserName = '" + userName + "' AND " +
                   "AppUserUserPass = '" + CreateMD5Hash(userPass) + "' ";
                
                l = (Int32) myDatabaseCommander.ExecuteScalar(query);
                
                if (l == 1)
                {
                    query =
                        "SELECT AppUserTypeName " +
                        "FROM AppUsers,AppUserTypes " +
                        "WHERE AppUserUserName = '" + userName + "' AND " +
                        "AppUsers.AppUserType = AppUserTypes.AppUserTypeID";

                    myAuthenticator.userType = 
                        (String) myDatabaseCommander.ExecuteScalar(query);


                    query =
                        "SELECT AppUserFullName " +
                        "FROM AppUsers " +
                        "WHERE AppUserUserName = '" + userName + "'";

                    myAuthenticator.userFullName =
                        (String)myDatabaseCommander.ExecuteScalar(query);
                }

            }
            catch (Exception e)
            {
                throw new Exception("myAuthenticator::checkAuth " + e.Message);
            }
            myAuthenticator.logged = (l == 1);
        }

        private static String CreateMD5Hash(String input)
        {
            // Use input string to calculate MD5 hash
            MD5 md5 = System.Security.Cryptography.MD5.Create();
            byte[] inputBytes = System.Text.Encoding.ASCII.GetBytes(input);
            byte[] hashBytes = md5.ComputeHash(inputBytes);

            // Convert the byte array to hexadecimal string
            StringBuilder sb = new StringBuilder();
            for (int i = 0; i < hashBytes.Length; i++)
            {
                sb.Append(hashBytes[i].ToString("X2"));
                // To force the hex string to lower-case letters instead of
                // upper-case, use he following line instead:
                // sb.Append(hashBytes[i].ToString("x2")); 
            }
            return sb.ToString();
        }
    }
}
